package controllers;
import business.SysUser;
import utils.security.InjectionInterceptor;
import net.sf.json.JSONObject;
import play.Logger;
import play.mvc.Before;
import play.mvc.Controller;

import java.util.Map;

/**
 * 总控制器类
 */
public class BaseController extends Controller {
    /**
     * 脚本注入拦截器
     * @throws Exception
     */
    @Before
    protected static void injectionInterceptor() throws Exception {
        new InjectionInterceptor().run();
        Map<String,String[]> map = params.all();
        Logger.info(request.action+","+JSONObject.fromObject(params.all()).toString());
        //遍历map中的值
//        for (String[] s0 : map.values()) {
//            for (String s1: s0) {
//                if(s1.length() > 15){
//                    Logger.info("param is too longer" + s1.length());
//                    renderText("param is too longer");
//                }
//            }
//        }
    }
    /**
     * 权限判断
     */
    @Before(unless = {
            "FileController.uploadImage",
            "FileController.images" })
    protected static void checkPermission(){
        SysUser.checkLogin();
        //验证权限
        boolean bResult = SysUser.isHavePermission(request.url);
        if(!bResult){
            renderText("no permission access: " +request.url);
        }
    }
}
